diff --git a/.editorconfig b/.editorconfig
index e23e4cd649..13aa8d50f0 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -12,6 +12,9 @@ insert_final_newline = true
 [*.{go,tmpl,html}]
 indent_style = tab
 
+[go.*]
+indent_style = tab
+
 [templates/custom/*.tmpl]
 insert_final_newline = false
 
diff --git a/modules/indexer/code/bleve/bleve.go b/modules/indexer/code/bleve/bleve.go
index e1a381f992..130ee78a4b 100644
--- a/modules/indexer/code/bleve/bleve.go
+++ b/modules/indexer/code/bleve/bleve.go
@@ -191,7 +191,8 @@ func (b *Indexer) addUpdate(ctx context.Context, batchWriter git.WriteCloserErro
 		return err
 	} else if !typesniffer.DetectContentType(fileContents).IsText() {
 		// FIXME: UTF-16 files will probably fail here
-		return nil
+		// Even if the file is not recognized as a "text file", we could still put its name into the indexers to make the filename become searchable, while leave the content to empty.
+		fileContents = nil
 	}
 
 	if _, err = batchReader.Discard(1); err != nil {
diff --git a/modules/private/hook.go b/modules/private/hook.go
index 87d6549f9c..215996b9b9 100644
--- a/modules/private/hook.go
+++ b/modules/private/hook.go
@@ -7,9 +7,9 @@ import (
 	"context"
 	"fmt"
 	"net/url"
-	"time"
 
 	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/httplib"
 	"code.gitea.io/gitea/modules/repository"
 	"code.gitea.io/gitea/modules/setting"
 )
@@ -82,29 +82,32 @@ type HookProcReceiveRefResult struct {
 	HeadBranch        string
 }
 
+func newInternalRequestAPIForHooks(ctx context.Context, hookName, ownerName, repoName string, opts HookOptions) *httplib.Request {
+	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/%s/%s/%s", hookName, url.PathEscape(ownerName), url.PathEscape(repoName))
+	req := newInternalRequestAPI(ctx, reqURL, "POST", opts)
+	// This "timeout" applies to http.Client's timeout: A Timeout of zero means no timeout.
+	// This "timeout" was previously set to `time.Duration(60+len(opts.OldCommitIDs))` seconds, but it caused unnecessary timeout failures.
+	// It should be good enough to remove the client side timeout, only respect the "ctx" and server side timeout.
+	req.SetReadWriteTimeout(0)
+	return req
+}
+
 // HookPreReceive check whether the provided commits are allowed
 func HookPreReceive(ctx context.Context, ownerName, repoName string, opts HookOptions) ResponseExtra {
-	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/pre-receive/%s/%s", url.PathEscape(ownerName), url.PathEscape(repoName))
-	req := newInternalRequestAPI(ctx, reqURL, "POST", opts)
-	req.SetReadWriteTimeout(time.Duration(60+len(opts.OldCommitIDs)) * time.Second)
+	req := newInternalRequestAPIForHooks(ctx, "pre-receive", ownerName, repoName, opts)
 	_, extra := requestJSONResp(req, &ResponseText{})
 	return extra
 }
 
 // HookPostReceive updates services and users
 func HookPostReceive(ctx context.Context, ownerName, repoName string, opts HookOptions) (*HookPostReceiveResult, ResponseExtra) {
-	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/post-receive/%s/%s", url.PathEscape(ownerName), url.PathEscape(repoName))
-	req := newInternalRequestAPI(ctx, reqURL, "POST", opts)
-	req.SetReadWriteTimeout(time.Duration(60+len(opts.OldCommitIDs)) * time.Second)
+	req := newInternalRequestAPIForHooks(ctx, "post-receive", ownerName, repoName, opts)
 	return requestJSONResp(req, &HookPostReceiveResult{})
 }
 
 // HookProcReceive proc-receive hook
 func HookProcReceive(ctx context.Context, ownerName, repoName string, opts HookOptions) (*HookProcReceiveResult, ResponseExtra) {
-	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/hook/proc-receive/%s/%s", url.PathEscape(ownerName), url.PathEscape(repoName))
-
-	req := newInternalRequestAPI(ctx, reqURL, "POST", opts)
-	req.SetReadWriteTimeout(time.Duration(60+len(opts.OldCommitIDs)) * time.Second)
+	req := newInternalRequestAPIForHooks(ctx, "proc-receive", ownerName, repoName, opts)
 	return requestJSONResp(req, &HookProcReceiveResult{})
 }
 
diff --git a/routers/web/auth/oauth2_provider.go b/routers/web/auth/oauth2_provider.go
index 00b5b2db52..ff571fbf2c 100644
--- a/routers/web/auth/oauth2_provider.go
+++ b/routers/web/auth/oauth2_provider.go
@@ -249,7 +249,7 @@ func AuthorizeOAuth(ctx *context.Context) {
 			}, form.RedirectURI)
 			return
 		}
-		if err := ctx.Session.Set("CodeChallengeMethod", form.CodeChallenge); err != nil {
+		if err := ctx.Session.Set("CodeChallenge", form.CodeChallenge); err != nil {
 			handleAuthorizeError(ctx, AuthorizeError{
 				ErrorCode:        ErrorCodeServerError,
 				ErrorDescription: "cannot set code challenge",
diff --git a/templates/user/auth/grant.tmpl b/templates/user/auth/grant.tmpl
index 7a6f156e36..e56241b0f8 100644
--- a/templates/user/auth/grant.tmpl
+++ b/templates/user/auth/grant.tmpl
@@ -1,35 +1,33 @@
 {{template "base/head" .}}
-<div role="main" aria-label="{{.Title}}" class="page-content ui one column stackable tw-text-center page grid oauth2-authorize-application-box">
-	<div class="column seven wide">
-		<div class="ui middle centered raised segments">
-			<h3 class="ui top attached header">
-				{{ctx.Locale.Tr "auth.authorize_title" .Application.Name}}
-			</h3>
-			<div class="ui attached segment">
-				{{template "base/alert" .}}
-				<p>
-					{{if not .AdditionalScopes}}
-					<b>{{ctx.Locale.Tr "auth.authorize_application_description"}}</b><br>
-					{{end}}
-					{{ctx.Locale.Tr "auth.authorize_application_created_by" .ApplicationCreatorLinkHTML}}<br>
-					{{ctx.Locale.Tr "auth.authorize_application_with_scopes" (HTMLFormat "<b>%s</b>" .Scope)}}
-				</p>
-			</div>
-			<div class="ui attached segment">
-				<p>{{ctx.Locale.Tr "auth.authorize_redirect_notice" .ApplicationRedirectDomainHTML}}</p>
-			</div>
-			<div class="ui attached segment">
-				<form method="post" action="{{AppSubUrl}}/login/oauth/grant">
-					{{.CsrfTokenHtml}}
-					<input type="hidden" name="client_id" value="{{.Application.ClientID}}">
-					<input type="hidden" name="state" value="{{.State}}">
-					<input type="hidden" name="scope" value="{{.Scope}}">
-					<input type="hidden" name="nonce" value="{{.Nonce}}">
-					<input type="hidden" name="redirect_uri" value="{{.RedirectURI}}">
-					<button type="submit" id="authorize-app" name="granted" value="true" class="ui red inline button">{{ctx.Locale.Tr "auth.authorize_application"}}</button>
-					<button type="submit" name="granted" value="false" class="ui basic primary inline button">{{ctx.Locale.Tr "cancel"}}</button>
-				</form>
-			</div>
+<div role="main" aria-label="{{.Title}}" class="page-content oauth2-authorize-application-box">
+	<div class="ui container tw-max-w-[500px]">
+		<h3 class="ui top attached header">
+			{{ctx.Locale.Tr "auth.authorize_title" .Application.Name}}
+		</h3>
+		<div class="ui attached segment">
+			{{template "base/alert" .}}
+			<p>
+				{{if not .AdditionalScopes}}
+				<b>{{ctx.Locale.Tr "auth.authorize_application_description"}}</b><br>
+				{{end}}
+				{{ctx.Locale.Tr "auth.authorize_application_created_by" .ApplicationCreatorLinkHTML}}<br>
+				{{ctx.Locale.Tr "auth.authorize_application_with_scopes" (HTMLFormat "<b>%s</b>" .Scope)}}
+			</p>
+		</div>
+		<div class="ui attached segment">
+			<p>{{ctx.Locale.Tr "auth.authorize_redirect_notice" .ApplicationRedirectDomainHTML}}</p>
+		</div>
+		<div class="ui attached segment tw-text-center">
+			<form method="post" action="{{AppSubUrl}}/login/oauth/grant">
+				{{.CsrfTokenHtml}}
+				<input type="hidden" name="client_id" value="{{.Application.ClientID}}">
+				<input type="hidden" name="state" value="{{.State}}">
+				<input type="hidden" name="scope" value="{{.Scope}}">
+				<input type="hidden" name="nonce" value="{{.Nonce}}">
+				<input type="hidden" name="redirect_uri" value="{{.RedirectURI}}">
+				<button type="submit" id="authorize-app" name="granted" value="true" class="ui red inline button">{{ctx.Locale.Tr "auth.authorize_application"}}</button>
+				<button type="submit" name="granted" value="false" class="ui basic primary inline button">{{ctx.Locale.Tr "cancel"}}</button>
+			</form>
 		</div>
 	</div>
 </div>
diff --git a/templates/user/auth/grant_error.tmpl b/templates/user/auth/grant_error.tmpl
index e37c4f6544..7a4521d331 100644
--- a/templates/user/auth/grant_error.tmpl
+++ b/templates/user/auth/grant_error.tmpl
@@ -1,15 +1,12 @@
 {{template "base/head" .}}
-<div role="main" aria-label="{{.Title}}" class="page-content ui one column stackable tw-text-center page grid oauth2-authorize-application-box {{if .IsRepo}}repository{{end}}">
-	{{if .IsRepo}}{{template "repo/header" .}}{{end}}
-	<div class="column seven wide">
-		<div class="ui middle centered raised segments">
-			<h1 class="ui top attached header">
-				{{ctx.Locale.Tr "auth.authorization_failed"}}
-			</h1>
-			<h3 class="ui attached segment">{{.Error.ErrorDescription}}</h3>
-			<div class="ui attached segment">
-				<p>{{ctx.Locale.Tr "auth.authorization_failed_desc"}}</p>
-			</div>
+<div role="main" aria-label="{{.Title}}" class="page-content oauth2-authorize-application-box">
+	<div class="ui container tw-max-w-[500px]">
+		<h1 class="ui top attached header">
+			{{ctx.Locale.Tr "auth.authorization_failed"}}
+		</h1>
+		<h3 class="ui attached segment">{{.Error.ErrorDescription}}</h3>
+		<div class="ui attached segment">
+			<p>{{ctx.Locale.Tr "auth.authorization_failed_desc"}}</p>
 		</div>
 	</div>
 </div>